[HBASE-10823] Resolve LATEST_TIMESTAMP to current server time before scanning for ACLs - ASF JIRA

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 0.98.1
Fix Version/s: 0.99.0, 0.98.2
Component/s: None
Labels:
None

Hadoop Flags:

Reviewed

Description

Storing values with timestamps in the future is probably bad practice and can lead to surprises. If cells with timestamps in the future have ACLs, permissions from those ACLs will incorrectly be considered for authorizing the pending mutation. For sure that will be surprising.

We should be able to avoid this case by resolving LATEST_TIMESTAMP to the current server time when creating the internal scanner for finding ACLs in the covered cell set.

Documenting a todo item from a discussion between Anoop Sam John and myself.

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending

Attachments

HBASE-10823.patch
11/Apr/14 18:39
13 kB
Andrew Purtell
HBASE-10823.patch
11/Apr/14 16:44
6 kB
Andrew Purtell
HBASE-10823.patch
11/Apr/14 00:50
68 kB
Andrew Purtell
test.patch
11/Apr/14 08:13
7 kB
Anoop Sam John

Issue Links

is related to

HBASE-10964 Delete mutation is not consistent with Put wrt timestamp

Closed

relates to

HBASE-10970 [AccessController] Issues with covering cell permission checks

Closed

Options

Sub-Tasks

Refactor cell ACL tests

Closed

Andrew Purtell

Activity

People

Assignee:

Andrew Purtell

Reporter:

Andrew Purtell

Votes:

0 Vote for this issue

Watchers:

7 Start watching this issue

Dates

Created:

25/Mar/14 01:58

Updated:

21/Feb/15 23:35

Resolved:

15/Apr/14 17:56